2016’s Biggest Hacking Trend: Ransomware
The latest hacking trend is ransomware: hackers take over a device or network with malware and demand a ransom to restore functionality. It’s a dangerous combination of hacking innovation–demanding money rather than stealing data–and traditional hacking tools, malware and phishing.
In a typical scenario, a user receives an email message with an attachment. When they open the attachment, it installs malware that encrypts data on their computer and any connected network drives. The only way to decrypt the data is to pay the ransom in bitcoins or restore all of the files from backup. Backup restoration has worked for some organizations, but not everyone has the time needed to complete a full restore, which can take days and cost thousands of dollars in lost productivity. Others don’t have dependable, current backups to rely on in a disaster. These organizations are forced to pay the ransom.
The latest newsworthy attack was on a hospital in Hollywood, where the hackers managed to lock down the entire network. Hospital administration worked with law enforcement and security firms to find some way to regain control of their systems, but there was no option that would restore functionality quickly enough to maintain their standard of care. They were forced to pay $17,000 in ransom via Bitcoin, a cryptocurrency that is not easy to acquire and may fluctuate in value before it can be delivered.
Ransomware is a new application of malware, but it relies on the same phishing techniques as traditional attacks. Phishing remains a profitable enterprise for hackers, because they can distribute infected email to hundreds of thousands of people with little effort or cost. Even if a small fraction of 500,000 people fall victim to a scam, it’s still extremely profitable for hackers, who rely on automation and bots to keep labor costs down.
For phishing to succeed organizations must have weaknesses in cybersecurity and user training. To avoid this, companies in every industry and of all sizes need a strong information security program, including plans for remediation and user education.
More Information on Ransomware